Router which you can setup with static IP’s and Port forwarding; Setting up the DDNS and NS-record. You can use freedns.afraid.org for the dynamic DNS and the NS-record. So make an account and go to “subdomains”. You need to make 2 subdomains.
. Change the DNS servers on your router if you'd like all the computers and devices that connect to the internet via that router to also use the new DNS servers.
This only works if your computers and devices are setups for, meaning they look to the router for DNS server information, among other things. This is extremely common. Change the DNS servers on your individual devices if you'd only like that one device to use these different DNS servers. This is a good idea when troubleshooting an internet problem with one computer/device that you suspect might be DNS related or if you don't have a router at all.
This is also the right course of action if you're in the uncommon situation of not using DHCP to obtain network information for your computer(s) or another internet-connected device(s)..
It's all about recon. The more an attacker can map your network, the better off they are.
This can be especially sensitive if you have static IP's that don't move around. DNS servers, given you do not separate out recursive services from SOA (given you have any), can be used for various attacks that will affect hosts on your network such as cache poisoning. Not to mention, that by opening up your DNS server with little config tweaking (rate-limiting, ACLs, etc.), you are opening yourself up for DNS Amplification and Reflection attacks similar to what is being seen with NTP lately. Examples and explanations of the NTP reflection can be found here: If you would like to know how to best secure your DNS server, I point you to the following document that the NSA published on securing the DNS architecture. All NSA jokes aside, this is some very good information that falls inline with industry best practices.
The document can be found here.